Using AI to outsmart AI-driven phishing scams 2025-05-30 at 08:32 By Sinisa Markovic Phishing scams used to be filled with awkward wording and obvious grammar mistakes. Not anymore. AI is now making it harder to distinguish what is real. According to Cofense, email-based scams surged 70% year over year, driven by AI’s ability to automate […]
React to this headline:
Using AI to outsmart AI-driven phishing scams Read More »
GitHub becomes go-to platform for malware delivery across Europe 2025-05-28 at 07:32 By Help Net Security Phishing has become the go-to method for attackers looking to get past security controls and access sensitive environments in Europe, according to Netskope. Users are now constantly dealing with phishing attempts, which have become so common and credible that
React to this headline:
GitHub becomes go-to platform for malware delivery across Europe Read More »
Russian Government Hackers Caught Buying Passwords from Cybercriminals 2025-05-27 at 18:01 By Ryan Naraine Microsoft flags a new Kremlin hacking team buying stolen usernames and passwords from infostealer markets for use in cyberespionage attacks. The post Russian Government Hackers Caught Buying Passwords from Cybercriminals appeared first on SecurityWeek. This article is an excerpt from SecurityWeek
React to this headline:
Russian Government Hackers Caught Buying Passwords from Cybercriminals Read More »
Microsoft, Dutch security agencies lift veil on Laundry Bear cyber espionage group 2025-05-27 at 17:02 By Zeljka Zorz The Dutch intelligence and security services have identified a new Russia-affiliated threat group that has been breaching government organizations and commercial entities in Europe and North America, and they dubbed it Laundry Bear. “Compared to some other
React to this headline:
Microsoft, Dutch security agencies lift veil on Laundry Bear cyber espionage group Read More »
Coinbase Says Rogue Contractor Data Breach Affects 69,461 Users 2025-05-21 at 16:54 By Ryan Naraine A mandatory filing to the Maine Attorney General says 69,461 customers nationwide were affected and dates the breach back to last December. The post Coinbase Says Rogue Contractor Data Breach Affects 69,461 Users appeared first on SecurityWeek. This article is
React to this headline:
Coinbase Says Rogue Contractor Data Breach Affects 69,461 Users Read More »
CTM360 maps out real-time phishing infrastructure targeting corporate banking worldwide 2025-05-19 at 16:50 By Anamarija Pogorelec A phishing operation that targets corporate banking accounts across the globe has been analyzed in a new report by CTM360. The campaign uses fake Google ads, advanced filtering techniques, to steal sensitive login credentials and bypass MFA. Researchers uncovered
React to this headline:
CTM360 maps out real-time phishing infrastructure targeting corporate banking worldwide Read More »
Polymorphic phishing attacks flood inboxes 2025-05-16 at 08:31 By Help Net Security AI is transforming the phishing threat landscape at a pace many security teams are struggling to match, according to Cofense. In 2024, researchers tracked one malicious email every 42 seconds. Many of the 42-second attacks were part of polymorphic phishing attacks. Unlike traditional
React to this headline:
Polymorphic phishing attacks flood inboxes Read More »
The many variants of the ClickFix social engineering tactic 2025-05-08 at 18:50 By Zeljka Zorz As new malware delivery campaigns using the ClickFix social engineering tactic are spotted nearly every month, it’s interesting to see how the various attackers are trying to refine the two main elements: the lure and the “instruction” page. In the
React to this headline:
The many variants of the ClickFix social engineering tactic Read More »
Low-tech phishing attacks are gaining ground 2025-05-01 at 07:02 By Help Net Security Cybercriminals are increasingly favoring low-tech, human-centric attacks to bypass email scanning technologies, according to VIPRE Security. The report is based on an analysis of global real-world data and highlights the most significant email security trends from the first quarter of 2025. Callback
React to this headline:
Low-tech phishing attacks are gaining ground Read More »
Property renters targeted in simple BEC scam 2025-04-30 at 14:32 By Zeljka Zorz Emails purportedly sent by rental property management firms are being used to steal money from people in France and Canada, Proofpoint researchers have warned. A BEC scam preying on renters “Most campaigns are sent from compromised mailboxes belonging to educational institutions in
React to this headline:
Property renters targeted in simple BEC scam Read More »
AI-Powered Polymorphic Phishing Is Changing the Threat Landscape 2025-04-24 at 14:32 By Stu Sjouwerman Combined with AI, polymorphic phishing emails have become highly sophisticated, creating more personalized and evasive messages that result in higher attack success rates. The post AI-Powered Polymorphic Phishing Is Changing the Threat Landscape appeared first on SecurityWeek. This article is an
React to this headline:
AI-Powered Polymorphic Phishing Is Changing the Threat Landscape Read More »
Attackers phish OAuth codes, take over Microsoft 365 accounts 2025-04-23 at 13:36 By Zeljka Zorz Suspected Russian threat actors are using OAuth-based phishing attacks to get targets to grant them access to their Microsoft 365 (M365) accounts. “The primary tactics observed involve the attacker requesting victim’s supply Microsoft Authorization codes, which grant the attacker with
React to this headline:
Attackers phish OAuth codes, take over Microsoft 365 accounts Read More »
Legacy Google Service Abused in Phishing Attacks 2025-04-22 at 14:15 By Ionut Arghire A sophisticated phishing campaign abuses weakness in Google Sites to spoof Google no-reply addresses and bypass protections. The post Legacy Google Service Abused in Phishing Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to
React to this headline:
Legacy Google Service Abused in Phishing Attacks Read More »
Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054) 2025-04-17 at 16:52 By Zeljka Zorz CVE-2025-24054, a Windows NTLM hash disclosure vulnerability that Microsoft has issued patches for last month, has been leveraged by threat actors in campaigns targeting government and private institutions in Poland and Romania. “Active exploitation in the wild has been observed
React to this headline:
Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054) Read More »
Cozy Bear targets EU diplomats with wine-tasting invites (again) 2025-04-16 at 17:40 By Zeljka Zorz APT29 (aka Cozy Bear, aka Midnight Blizzard) is, once again, targeting European diplomats with fake invitations to wine-tasting events, Check Point researchers have shared. Cozy Bear uses wine-tastings and dinners as a lure In early 2024, Zscaler flagged a low-volume
React to this headline:
Cozy Bear targets EU diplomats with wine-tasting invites (again) Read More »
AI Now Outsmarts Humans in Spear Phishing, Analysis Shows 2025-04-09 at 20:02 By Kevin Townsend Agentic AI has improved spear phishing effectiveness by 55% since 2023, research shows. The post AI Now Outsmarts Humans in Spear Phishing, Analysis Shows appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to
React to this headline:
AI Now Outsmarts Humans in Spear Phishing, Analysis Shows Read More »
Phishing, fraud, and the financial sector’s crisis of trust 2025-04-08 at 08:02 By Anamarija Pogorelec The financial sector is under growing pressure from advanced phishing attacks and fraud, causing major financial losses and eroding customer trust. Escalation of phishing attacks While traditional phishing relied on generic emails to steal sensitive data, cybercriminals now use targeted
React to this headline:
Phishing, fraud, and the financial sector’s crisis of trust Read More »
CRM, Bulk Email Providers Targeted in Crypto Phishing Campaign 2025-04-07 at 15:05 By Ionut Arghire ‘PoisonSeed’ phishing campaign targets CRM and bulk email providers to distribute “crypto seed phrase” messages. The post CRM, Bulk Email Providers Targeted in Crypto Phishing Campaign appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
React to this headline:
CRM, Bulk Email Providers Targeted in Crypto Phishing Campaign Read More »
Phishers are increasingly impersonating electronic toll collection companies 2025-04-03 at 14:31 By Zeljka Zorz Steam was the most imitated brands by phishers in the first quarter of 2025, followed by Microsoft and Facebook/Meta, Guardio researchers have revealed. “Historically, the #1 spot has been dominated by the usual suspects – big tech companies like Meta, Microsoft,
React to this headline:
Phishers are increasingly impersonating electronic toll collection companies Read More »
Only 1% of malicious emails that reach inboxes deliver malware 2025-04-02 at 07:04 By Help Net Security 99% of email threats reaching corporate user inboxes in 2024 were response-based social engineering attacks or contained phishing links, according to Fortra. Only 1% of malicious emails that reached user inboxes delivered malware. This shows that while common
React to this headline:
Only 1% of malicious emails that reach inboxes deliver malware Read More »